ID CVE-2008-1615
Summary Linux kernel 2.6.18, and possibly other versions, when running on AMD64 architectures, allows local users to cause a denial of service (crash) via certain ptrace calls.
References
Vulnerable Configurations
  • cpe:2.3:o:redhat:enterprise_linux:as_4
    cpe:2.3:o:redhat:enterprise_linux:as_4
  • cpe:2.3:o:redhat:enterprise_linux:es_4
    cpe:2.3:o:redhat:enterprise_linux:es_4
  • cpe:2.3:o:redhat:enterprise_linux:ws_4
    cpe:2.3:o:redhat:enterprise_linux:ws_4
  • Red Hat desktop 4
    cpe:2.3:o:redhat:enterprise_linux_desktop:4
  • AMD AMD64
    cpe:2.3:h:amd:amd64
CVSS
Base: 4.9 (as of 08-05-2008 - 10:55)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE COMPLETE
nessus via4
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2008-0275.NASL
    description Updated kernel packages that fix various security issues and several bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux operating system. These updated packages fix the following security issues : * on AMD64 architectures, the possibility of a kernel crash was discovered by testing the Linux kernel process-trace ability. This could allow a local unprivileged user to cause a denial of service (kernel crash). (CVE-2008-1615, Important) * on 64-bit architectures, the possibility of a timer-expiration value overflow was found in the Linux kernel high-resolution timers functionality, hrtimer. This could allow a local unprivileged user to setup a large interval value, forcing the timer expiry value to become negative, causing a denial of service (kernel hang). (CVE-2007-6712, Important) * the possibility of a kernel crash was found in the Linux kernel IPsec protocol implementation, due to improper handling of fragmented ESP packets. When an attacker controlling an intermediate router fragmented these packets into very small pieces, it would cause a kernel crash on the receiving node during packet reassembly. (CVE-2007-6282, Important) * a potential denial of service attack was discovered in the Linux kernel PWC USB video driver. A local unprivileged user could use this flaw to bring the kernel USB subsystem into the busy-waiting state, causing a denial of service. (CVE-2007-5093, Low) As well, these updated packages fix the following bugs : * in certain situations, a kernel hang and a possible panic occurred when disabling the cpufreq daemon. This may have prevented system reboots from completing successfully. * continual 'softlockup' messages, which occurred on the guest's console after a successful save and restore of a Red Hat Enterprise Linux 5 para-virtualized guest, have been resolved. * in the previous kernel packages, the kernel may not have reclaimed NFS locks after a system reboot. Red Hat Enterprise Linux 5 users are advised to upgrade to these updated packages, which contain backported patches to resolve these issues.
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 32391
    published 2008-05-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=32391
    title RHEL 5 : kernel (RHSA-2008:0275)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2008-167.NASL
    description Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel : Memory leak in the ipip6_rcv function in net/ipv6/sit.c in the Linux kernel before 2.6.25.3 allows remote attackers to cause a denial of service (memory consumption) via network traffic to a Simple Internet Transition (SIT) tunnel interface, related to the pskb_may_pull and kfree_skb functions, and management of an skb reference count. (CVE-2008-2136) The utimensat system call (sys_utimensat) in Linux kernel 2.6.22 and other versions before 2.6.25.3 does not check file permissions when certain UTIME_NOW and UTIME_OMIT combinations are used, which allows local users to modify file times of arbitrary files, possibly leading to a denial of service. (CVE-2008-2148) Integer overflow in the dccp_feat_change function in net/dccp/feat.c in the Datagram Congestion Control Protocol (DCCP) subsystem in the Linux kernel 2.6.18, and 2.6.17 through 2.6.20, allows local users to gain privileges via an invalid feature length, which leads to a heap-based buffer overflow. (CVE-2008-2358) The pppol2tp_recvmsg function in drivers/net/pppol2tp.c in the Linux kernel 2.6 before 2.6.26-rc6 allows remote attackers to cause a denial of service (kernel heap memory corruption and system crash) and possibly have unspecified other impact via a crafted PPPOL2TP packet that results in a large value for a certain length variable. (CVE-2008-2750) Linux kernel 2.6.18, and possibly other versions, when running on AMD64 architectures, allows local users to cause a denial of service (crash) via certain ptrace calls. (CVE-2008-1615) Integer overflow in the sctp_getsockopt_local_addrs_old function in net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) functionality in the Linux kernel before 2.6.25.9 allows local users to cause a denial of service (resource consumption and system outage) via vectors involving a large addr_num field in an sctp_getaddrs_old data structure. (CVE-2008-2826) Race condition in the directory notification subsystem (dnotify) in Linux kernel 2.6.x before 2.6.24.6, and 2.6.25 before 2.6.25.1, allows local users to cause a denial of service (OOPS) and possibly gain privileges via unspecified vectors. (CVE-2008-1375) The bdx_ioctl_priv function in the tehuti driver (tehuti.c) in Linux kernel 2.6.x before 2.6.25.1 does not properly check certain information related to register size, which has unspecified impact and local attack vectors, probably related to reading or writing kernel memory. (CVE-2008-1675) Linux kernel before 2.6.25.2 does not apply a certain protection mechanism for fcntl functionality, which allows local users to (1) execute code in parallel or (2) exploit a race condition to obtain re-ordered access to the descriptor table. (CVE-2008-1669) Additionaly, a number of fixes has been included for the rtc driver, Arima W651DI audio chipset, unionfs, as well as Tomoyolinux has been updated to 1.6.3, UDF 2.50 support was added, and a few things more. Check the package changelog for more details. To update your kernel, please follow the directions located at : http://www.mandriva.com/en/security/kernelupdate
    last seen 2019-02-21
    modified 2018-12-05
    plugin id 36653
    published 2009-04-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=36653
    title Mandriva Linux Security Advisory : kernel (MDVSA-2008:167)
  • NASL family OracleVM Local Security Checks
    NASL id ORACLEVM_OVMSA-2008-2005.NASL
    description The remote OracleVM system is missing necessary patches to address critical security updates : - fix utrace dead_engine ops race - fix ptrace_attach leak - CVE-2007-5093: kernel PWC driver DoS - CVE-2007-6282: IPSec ESP kernel panics - CVE-2007-6712: kernel: infinite loop in highres timers (kernel hang) - CVE-2008-1615: kernel: ptrace: Unprivileged crash on x86_64 %cs corruption - CVE-2008-1294: kernel: setrlimit(RLIMIT_CPUINFO) with zero value doesn't inherit properly across children - CVE-2008-2136: kernel: sit memory leak - CVE-2008-2812: kernel: NULL ptr dereference in multiple network drivers due to missing checks in tty code - restore linux-2.6-x86-clear-df-flag-for-signal-handlers.patch - restore linux-2.6-utrace.patch / linux-2.6-xen-utrace.patch - Kernel security erratas for OVM 2.1.2 from bz#5932 : - CVE-2007-6063: isdn: fix possible isdn_net buffer overflows - CVE-2007-3104 Null pointer to an inode in a dentry can cause an oops in sysfs_readdir - CVE-2008-0598: write system call vulnerability - CVE-2008-1375: kernel: race condition in dnotify - CVE-2008-0001: kernel: filesystem corruption by unprivileged user via directory truncation - CVE-2008-2358: dccp: sanity check feature length - CVE-2007-5938: NULL dereference in iwl driver - RHSA-2008:0508: kernel: [x86_64] The string instruction version didn't zero the output on exception. - kernel: clear df flag for signal handlers - fs: missing dput in do_lookup error leaks dentries - sysfs: fix condition check in sysfs_drop_dentry - sysfs: fix race condition around sd->s_dentry - ieee80211: off-by-two integer underflow
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 79447
    published 2014-11-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=79447
    title OracleVM 2.1 : kernel (OVMSA-2008-2005)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_KERNEL-5473.NASL
    description This is a respin of the previous kernel update, which got retracted due to an IDE-CDROM regression, where any IDE CDROM access would hang or crash the system. Only this problem was fixed additionally. This kernel update fixes the following security problems : - On x86_64 a denial of service attack could be used by local attackers to immediately panic / crash the machine. (CVE-2008-1615) - Fixed a SMP ordering problem in fcntl_setlk could potentially allow local attackers to execute code by timing file locking. (CVE-2008-1669) - Fixed a resource starvation problem in the handling of ZERO mmap pages. (CVE-2008-2372) - The asn1 implementation in (a) the Linux kernel, as used in the cifs and ip_nat_snmp_basic modules does not properly validate length values during decoding of ASN.1 BER data, which allows remote attackers to cause a denial of service (crash) or execute arbitrary code via (1) a length greater than the working buffer, which can lead to an unspecified overflow; (2) an oid length of zero, which can lead to an off-by-one error; or (3) an indefinite length for a primitive encoding. (CVE-2008-1673) - Various tty / serial devices did not check functionpointers for NULL before calling them, leading to potential crashes or code execution. The devices affected are usually only accessible by the root user though. (CVE-2008-2812) - A missing permission check in mount changing was added which could have been used by local attackers to change the mountdirectory. (CVE-2008-2931) Additionally a very large number of bugs was fixed. Details can be found in the RPM changelog of the included packages. OCFS2 has been upgraded to the 1.4.1 release : - Endian fixes - Use slab caches for DLM objects - Export DLM state info to debugfs - Avoid ENOSPC in rare conditions when free inodes are reserved by other nodes - Error handling fix in ocfs2_start_walk_page_trans() - Cleanup lockres printing - Allow merging of extents - Fix to allow changing permissions of symlinks - Merged local fixes upstream (no code change)
    last seen 2019-02-21
    modified 2016-12-22
    plugin id 41533
    published 2009-09-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=41533
    title SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 5473)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2008-4043.NASL
    description Update to Linux kernel version 2.6.23.17: http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.23.16 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.23.17 Additionally, following security fixes were backported: CVE-2008-1669 - SMP ordering hole in fcntl_setlk() CVE-2008-1615 - Denial-of-service on x86_64 architecture. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-24
    plugin id 32384
    published 2008-05-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=32384
    title Fedora 7 : kernel-2.6.23.17-88.fc7 (2008-4043)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_KERNEL-5336.NASL
    description This kernel update fixes the following security problems : CVE-2008-1615: On x86_64 a denial of service attack could be used by local attackers to immediately panic / crash the machine. CVE-2008-2358: A security problem in DCCP was fixed, which could be used by remote attackers to crash the machine. CVE-2007-6206: An information leakage during coredumping of root processes was fixed. CVE-2007-6712: A integer overflow in the hrtimer_forward function (hrtimer.c) in Linux kernel, when running on 64-bit systems, allows local users to cause a denial of service (infinite loop) via a timer with a large expiry value, which causes the timer to always be expired. CVE-2008-2136: A problem in SIT IPv6 tunnel handling could be used by remote attackers to immediately crash the machine. CVE-2008-1669: Fixed a SMP ordering problem in fcntl_setlk could potentially allow local attackers to execute code by timing file locking. CVE-2008-1367: Clear the 'direction' flag before calling signal handlers. For specific not yet identified programs under specific timing conditions this could potentially have caused memory corruption or code execution. CVE-2008-1375: Fixed a dnotify race condition, which could be used by local attackers to potentially execute code. CVE-2007-6282: A remote attacker could crash the IPSec/IPv6 stack by sending a bad ESP packet. This requires the host to be able to receive such packets (default filtered by the firewall). CVE-2007-5500: A ptrace bug could be used by local attackers to hang their own processes indefinitely. CVE-2007-5904: A remote buffer overflow in CIFS was fixed which could be used by remote attackers to crash the machine or potentially execute code. And the following bugs (numbers are https://bugzilla.novell.com/ references) : - patches.arch/x86-nosmp-implies-noapic.patch: When booting with nosmp or maxcpus=0 on i386 or x86-64, we must disable the I/O APIC, otherwise the system won't boot in most cases (bnc#308540). - patches.arch/i386-at-sysinfo-ehdr: i386: make AT_SYSINFO_EHDR consistent with AT_SYSINFO (bnc#289641). - patches.suse/bonding-workqueue: Update to fix a hang when closing a bonding device (342994). - patches.fixes/mptspi-dv-renegotiate-oops: mptlinux crashes on kernel 2.6.22 (bnc#271749).
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 33252
    published 2008-06-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=33252
    title openSUSE 10 Security Update : kernel (kernel-5336)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-1588.NASL
    description Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-6712 Johannes Bauer discovered an integer overflow condition in the hrtimer subsystem on 64-bit systems. This can be exploited by local users to trigger a denial of service (DoS) by causing the kernel to execute an infinite loop. - CVE-2008-1615 Jan Kratochvil reported a local denial of service condition that permits local users on systems running the amd64 flavor kernel to cause a system crash. - CVE-2008-2136 Paul Harks discovered a memory leak in the Simple Internet Transition (SIT) code used for IPv6 over IPv4 tunnels. This can be exploited by remote users to cause a denial of service condition. - CVE-2008-2137 David Miller and Jan Lieskovsky discovered issues with the virtual address range checking of mmaped regions on the sparc architecture that may be exploited by local users to cause a denial of service.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 32448
    published 2008-05-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=32448
    title Debian DSA-1588-1 : linux-2.6 - denial of service
  • NASL family SuSE Local Security Checks
    NASL id SUSE_KERNEL-5477.NASL
    description This is a respin of the previous kernel update, which got retracted due to an IDE-CDROM regression, where any IDE CDROM access would hang or crash the system. Only this problem was fixed additionally. This kernel update fixes the following security problems : - On x86_64 a denial of service attack could be used by local attackers to immediately panic / crash the machine. (CVE-2008-1615) - Fixed a SMP ordering problem in fcntl_setlk could potentially allow local attackers to execute code by timing file locking. (CVE-2008-1669) - Fixed a resource starvation problem in the handling of ZERO mmap pages. (CVE-2008-2372) - The asn1 implementation in (a) the Linux kernel, as used in the cifs and ip_nat_snmp_basic modules does not properly validate length values during decoding of ASN.1 BER data, which allows remote attackers to cause a denial of service (crash) or execute arbitrary code via (1) a length greater than the working buffer, which can lead to an unspecified overflow; (2) an oid length of zero, which can lead to an off-by-one error; or (3) an indefinite length for a primitive encoding. (CVE-2008-1673) - Various tty / serial devices did not check functionpointers for NULL before calling them, leading to potential crashes or code execution. The devices affected are usually only accessible by the root user though. (CVE-2008-2812) - A missing permission check in mount changing was added which could have been used by local attackers to change the mountdirectory. (CVE-2008-2931) Additionally a very large number of bugs was fixed. Details can be found in the RPM changelog of the included packages. OCFS2 has been upgraded to the 1.4.1 release : - Endian fixes - Use slab caches for DLM objects - Export DLM state info to debugfs - Avoid ENOSPC in rare conditions when free inodes are reserved by other nodes - Error handling fix in ocfs2_start_walk_page_trans() - Cleanup lockres printing - Allow merging of extents - Fix to allow changing permissions of symlinks - Merged local fixes upstream (no code change)
    last seen 2019-02-21
    modified 2016-12-22
    plugin id 59129
    published 2012-05-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=59129
    title SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 5477)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2008-0237.NASL
    description Updated kernel packages that fix various security issues and several bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux operating system. These updated packages fix the following security issues : * the absence of a protection mechanism when attempting to access a critical section of code has been found in the Linux kernel open file descriptors control mechanism, fcntl. This could allow a local unprivileged user to simultaneously execute code, which would otherwise be protected against parallel execution. As well, a race condition when handling locks in the Linux kernel fcntl functionality, may have allowed a process belonging to a local unprivileged user to gain re-ordered access to the descriptor table. (CVE-2008-1669, Important) * on AMD64 architectures, the possibility of a kernel crash was discovered by testing the Linux kernel process-trace ability. This could allow a local unprivileged user to cause a denial of service (kernel crash). (CVE-2008-1615, Important) * the absence of a protection mechanism when attempting to access a critical section of code, as well as a race condition, have been found in the Linux kernel file system event notifier, dnotify. This could allow a local unprivileged user to get inconsistent data, or to send arbitrary signals to arbitrary system processes. (CVE-2008-1375, Important) Red Hat would like to thank Nick Piggin for responsibly disclosing the following issue : * when accessing kernel memory locations, certain Linux kernel drivers registering a fault handler did not perform required range checks. A local unprivileged user could use this flaw to gain read or write access to arbitrary kernel memory, or possibly cause a kernel crash. (CVE-2008-0007, Important) * the possibility of a kernel crash was found in the Linux kernel IPsec protocol implementation, due to improper handling of fragmented ESP packets. When an attacker controlling an intermediate router fragmented these packets into very small pieces, it would cause a kernel crash on the receiving node during packet reassembly. (CVE-2007-6282, Important) * a flaw in the MOXA serial driver could allow a local unprivileged user to perform privileged operations, such as replacing firmware. (CVE-2005-0504, Important) As well, these updated packages fix the following bugs : * multiple buffer overflows in the neofb driver have been resolved. It was not possible for an unprivileged user to exploit these issues, and as such, they have not been handled as security issues. * a kernel panic, due to inconsistent detection of AGP aperture size, has been resolved. * a race condition in UNIX domain sockets may have caused 'recv()' to return zero. In clustered configurations, this may have caused unexpected failovers. * to prevent link storms, network link carrier events were delayed by up to one second, causing unnecessary packet loss. Now, link carrier events are scheduled immediately. * a client-side race on blocking locks caused large time delays on NFS file systems. * in certain situations, the libATA sata_nv driver may have sent commands with duplicate tags, which were rejected by SATA devices. This may have caused infinite reboots. * running the 'service network restart' command may have caused networking to fail. * a bug in NFS caused cached information about directories to be stored for too long, causing wrong attributes to be read. * on systems with a large highmem/lowmem ratio, NFS write performance may have been very slow when using small files. * a bug, which caused network hangs when the system clock was wrapped around zero, has been resolved. Red Hat Enterprise Linux 4 users are advised to upgrade to these updated packages, which contain backported patches to resolve these issues.
    last seen 2019-02-21
    modified 2018-11-27
    plugin id 32162
    published 2008-05-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=32162
    title RHEL 4 : kernel (RHSA-2008:0237)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-625-1.NASL
    description Dirk Nehring discovered that the IPsec protocol stack did not correctly handle fragmented ESP packets. A remote attacker could exploit this to crash the system, leading to a denial of service. (CVE-2007-6282) Johannes Bauer discovered that the 64bit kernel did not correctly handle hrtimer updates. A local attacker could request a large expiration value and cause the system to hang, leading to a denial of service. (CVE-2007-6712) Tavis Ormandy discovered that the ia32 emulation under 64bit kernels did not fully clear uninitialized data. A local attacker could read private kernel memory, leading to a loss of privacy. (CVE-2008-0598) Jan Kratochvil discovered that PTRACE did not correctly handle certain calls when running under 64bit kernels. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2008-1615) Wei Wang discovered that the ASN.1 decoding routines in CIFS and SNMP NAT did not correctly handle certain length values. Remote attackers could exploit this to execute arbitrary code or crash the system. (CVE-2008-1673) Paul Marks discovered that the SIT interfaces did not correctly manage allocated memory. A remote attacker could exploit this to fill all available memory, leading to a denial of service. (CVE-2008-2136) David Miller and Jan Lieskovsky discovered that the Sparc kernel did not correctly range-check memory regions allocated with mmap. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2008-2137) The sys_utimensat system call did not correctly check file permissions in certain situations. A local attacker could exploit this to modify the file times of arbitrary files which could lead to a denial of service. (CVE-2008-2148) Brandon Edwards discovered that the DCCP system in the kernel did not correctly check feature lengths. A remote attacker could exploit this to execute arbitrary code. (CVE-2008-2358) A race condition was discovered between ptrace and utrace in the kernel. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2008-2365) The copy_to_user routine in the kernel did not correctly clear memory destination addresses when running on 64bit kernels. A local attacker could exploit this to gain access to sensitive kernel memory, leading to a loss of privacy. (CVE-2008-2729) The PPP over L2TP routines in the kernel did not correctly handle certain messages. A remote attacker could send a specially crafted packet that could crash the system or execute arbitrary code. (CVE-2008-2750) Gabriel Campana discovered that SCTP routines did not correctly check for large addresses. A local user could exploit this to allocate all available memory, leading to a denial of service. (CVE-2008-2826). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 33531
    published 2008-07-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=33531
    title Ubuntu 6.06 LTS / 7.04 / 7.10 / 8.04 LTS : linux, linux-source-2.6.15/20/22 vulnerabilities (USN-625-1)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_KERNEL-5370.NASL
    description This kernel update fixes quite a number of security problems : - A remote attacker could crash the IPSec/IPv6 stack by sending a bad ESP packet. This requires the host to be able to receive such packets (default filtered by the firewall). (CVE-2007-6282) - A problem in SIT IPv6 tunnel handling could be used by remote attackers to immediately crash the machine. (CVE-2008-2136) - On x86_64 a denial of service attack could be used by local attackers to immediately panic / crash the machine. (CVE-2008-1615) - An information leakage during coredumping of root processes was fixed. (CVE-2007-6206) - Fixed a SMP ordering problem in fcntl_setlk could potentially allow local attackers to execute code by timing file locking. (CVE-2008-1669) - Fixed a dnotify race condition, which could be used by local attackers to potentially execute code. (CVE-2008-1375) - A ptrace bug could be used by local attackers to hang their own processes indefinitely. (CVE-2007-5500) - Clear the 'direction' flag before calling signal handlers. For specific not yet identified programs under specific timing conditions this could potentially have caused memory corruption or code execution. (CVE-2008-1367) - The isdn_ioctl function in isdn_common.c allowed local users to cause a denial of service via a crafted ioctl struct in which ioctls is not null terminated, which triggers a buffer overflow. (CVE-2007-6151) Non security related changes : OCFS2 was updated to version v1.2.9-1-r3100. Also a huge number of bugs were fixed. Please refer to the RPM changelog for a detailed list.
    last seen 2019-02-21
    modified 2016-12-22
    plugin id 59128
    published 2012-05-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=59128
    title SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 5370)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2008-0275.NASL
    description From Red Hat Security Advisory 2008:0275 : Updated kernel packages that fix various security issues and several bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux operating system. These updated packages fix the following security issues : * on AMD64 architectures, the possibility of a kernel crash was discovered by testing the Linux kernel process-trace ability. This could allow a local unprivileged user to cause a denial of service (kernel crash). (CVE-2008-1615, Important) * on 64-bit architectures, the possibility of a timer-expiration value overflow was found in the Linux kernel high-resolution timers functionality, hrtimer. This could allow a local unprivileged user to setup a large interval value, forcing the timer expiry value to become negative, causing a denial of service (kernel hang). (CVE-2007-6712, Important) * the possibility of a kernel crash was found in the Linux kernel IPsec protocol implementation, due to improper handling of fragmented ESP packets. When an attacker controlling an intermediate router fragmented these packets into very small pieces, it would cause a kernel crash on the receiving node during packet reassembly. (CVE-2007-6282, Important) * a potential denial of service attack was discovered in the Linux kernel PWC USB video driver. A local unprivileged user could use this flaw to bring the kernel USB subsystem into the busy-waiting state, causing a denial of service. (CVE-2007-5093, Low) As well, these updated packages fix the following bugs : * in certain situations, a kernel hang and a possible panic occurred when disabling the cpufreq daemon. This may have prevented system reboots from completing successfully. * continual 'softlockup' messages, which occurred on the guest's console after a successful save and restore of a Red Hat Enterprise Linux 5 para-virtualized guest, have been resolved. * in the previous kernel packages, the kernel may not have reclaimed NFS locks after a system reboot. Red Hat Enterprise Linux 5 users are advised to upgrade to these updated packages, which contain backported patches to resolve these issues.
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 67691
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=67691
    title Oracle Linux 5 : kernel (ELSA-2008-0275)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_KERNEL-5339.NASL
    description This kernel update fixes the following security problems: CVE-2008-2136: A problem in SIT IPv6 tunnel handling could be used by remote attackers to immediately crash the machine. CVE-2008-1615: On x86_64 a denial of service attack could be used by local attackers to immediately panic / crash the machine. CVE-2008-2148: The permission checking in sys_utimensat was incorrect and local attackers could change the filetimes of files they do not own to the current time. CVE-2008-1669: Fixed a SMP ordering problem in fcntl_setlk could potentially allow local attackers to execute code by timing file locking. CVE-2008-1375: Fixed a dnotify race condition, which could be used by local attackers to potentially execute code. CVE-2007-6282: A remote attacker could crash the IPSec/IPv6 stack by sending a bad ESP packet. This requires the host to be able to receive such packets (default filtered by the firewall). CVE-2008-1367: Clear the 'direction' flag before calling signal handlers. For specific not yet identified programs under specific timing conditions this could potentially have caused memory corruption or code execution. And the following bugs (numbers are https://bugzilla.novell.com/ references) : - patches.fixes/input-add-amilo-pro-v-to-nomux.patch: Update the patch to include also 2030 model to nomux list (bnc#389169). - patches.apparmor/fix-net.diff: AppArmor: fix Oops in apparmor_socket_getpeersec_dgram() (bnc#378608). - patches.fixes/input-alps-update.patch: Input: fix the AlpsPS2 driver (bnc#357881). - patches.arch/cpufreq_fix_acpi_driver_on_BIOS_changes.patch: CPUFREQ: Check against freq changes from the BIOS (334378). - patches.fixes/ieee1394-limit-early-node-speed-to-host-interf ace-speed: ieee1394: limit early node speed to host interface speed (381304). - patches.fixes/forcedeth_realtec_phy_fix: Fix a regression to the GA kernel for some forcedeth cards (bnc#379478) - pci-revert-SMBus-unhide-on-nx6110.patch: Do not unhide the SMBus on the HP Compaq nx6110, it's unsafe. - patches.drivers/e1000-disable-l1aspm.patch: Disable L1 ASPM power savings for 82573 mobile variants, it's broken (bnc#254713, LTC34077). - patches.drivers/libata-improve-hpa-error-handling: libata: improve HPA error handling (365534). - rpm/kernel-binary.spec.in: Added Conflicts: libc.so.6()(64bit) to i386 arch (364433). - patches.drivers/libata-disallow-sysfs-read-access-to-force-p aram: libata: don't allow sysfs read access to force param (362599). - patches.suse/bonding-workqueue: Update to fix a hang when closing a bonding device (342994). - patches.fixes/mptspi-dv-renegotiate-oops: mptlinux crashes on kernel 2.6.22 (bnc#271749). - patches.drivers/usb-update-sierra-and-option-device-ids-from -2.6.25-rc3.patch: USB: update sierra and option device ids from 2.6.25-rc3 (343167). - patches.arch/x86-nvidia-timer-quirk: Disable again (#302327) The PCI ID lists are not complete enough and let's have the same crap as mainline for this for now. - patches.fixes/input-add-lenovo-3000-n100-to-nomux.patch: Input: add Lenovo 3000 N100 to nomux blacklist (bnc#284013). - patches.suse/bonding-bh-locking: Add missing chunks. The SLES10 SP1 version of the patch was updated in May 2007 but the openSuse 10.3 version was forgotten (260069). - patches.fixes/knfsd-Allow-NFSv2-3-WRITE-calls-to-succeed-whe n-krb.patch: knfsd: Allow NFSv2/3 WRITE calls to succeed when krb5i etc is used. (348737). - patches.fixes/md-fix-an-occasional-deadlock-in-raid5.patch: md: fix an occasional deadlock in raid5 (357088). - patches.drivers/libata-quirk_amd_ide_mode: PCI: modify SATA IDE mode quirk (345124). - Fix section mismatch build failure w/ gcc 4.1.2. bug #361086. - patches.drivers/libata-implement-force-parameter: libata: implement libata.force module parameter (337610). Lots of XEN Fixes (not detailed listed). Lots of RT Fixes (not detailed listed). - Update to 2.6.22.18 - removes upstreamed patch : - patches.fixes/vmsplice-pipe-exploit (CVE-2008-0600)
    last seen 2019-02-21
    modified 2016-12-22
    plugin id 33253
    published 2008-06-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=33253
    title openSUSE 10 Security Update : kernel (kernel-5339)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_KERNEL-5375.NASL
    description This kernel update fixes quite a number of security problems : - A remote attacker could crash the IPSec/IPv6 stack by sending a bad ESP packet. This requires the host to be able to receive such packets (default filtered by the firewall). (CVE-2007-6282) - A problem in SIT IPv6 tunnel handling could be used by remote attackers to immediately crash the machine. (CVE-2008-2136) - On x86_64 a denial of service attack could be used by local attackers to immediately panic / crash the machine. (CVE-2008-1615) - An information leakage during coredumping of root processes was fixed. (CVE-2007-6206) - Fixed a SMP ordering problem in fcntl_setlk could potentially allow local attackers to execute code by timing file locking. (CVE-2008-1669) - Fixed a dnotify race condition, which could be used by local attackers to potentially execute code. (CVE-2008-1375) - A ptrace bug could be used by local attackers to hang their own processes indefinitely. (CVE-2007-5500) - Clear the 'direction' flag before calling signal handlers. For specific not yet identified programs under specific timing conditions this could potentially have caused memory corruption or code execution. (CVE-2008-1367) - The isdn_ioctl function in isdn_common.c allowed local users to cause a denial of service via a crafted ioctl struct in which ioctls is not null terminated, which triggers a buffer overflow. (CVE-2007-6151) Non security related changes : OCFS2 was updated to version v1.2.9-1-r3100. Also a huge number of bugs were fixed. Please refer to the RPM changelog for a detailed list.
    last seen 2019-02-21
    modified 2016-12-22
    plugin id 33432
    published 2008-07-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=33432
    title SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 5375)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2008-0275.NASL
    description Updated kernel packages that fix various security issues and several bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux operating system. These updated packages fix the following security issues : * on AMD64 architectures, the possibility of a kernel crash was discovered by testing the Linux kernel process-trace ability. This could allow a local unprivileged user to cause a denial of service (kernel crash). (CVE-2008-1615, Important) * on 64-bit architectures, the possibility of a timer-expiration value overflow was found in the Linux kernel high-resolution timers functionality, hrtimer. This could allow a local unprivileged user to setup a large interval value, forcing the timer expiry value to become negative, causing a denial of service (kernel hang). (CVE-2007-6712, Important) * the possibility of a kernel crash was found in the Linux kernel IPsec protocol implementation, due to improper handling of fragmented ESP packets. When an attacker controlling an intermediate router fragmented these packets into very small pieces, it would cause a kernel crash on the receiving node during packet reassembly. (CVE-2007-6282, Important) * a potential denial of service attack was discovered in the Linux kernel PWC USB video driver. A local unprivileged user could use this flaw to bring the kernel USB subsystem into the busy-waiting state, causing a denial of service. (CVE-2007-5093, Low) As well, these updated packages fix the following bugs : * in certain situations, a kernel hang and a possible panic occurred when disabling the cpufreq daemon. This may have prevented system reboots from completing successfully. * continual 'softlockup' messages, which occurred on the guest's console after a successful save and restore of a Red Hat Enterprise Linux 5 para-virtualized guest, have been resolved. * in the previous kernel packages, the kernel may not have reclaimed NFS locks after a system reboot. Red Hat Enterprise Linux 5 users are advised to upgrade to these updated packages, which contain backported patches to resolve these issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 43685
    published 2010-01-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=43685
    title CentOS 5 : kernel (CESA-2008:0275)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20080507_KERNEL_ON_SL4_X.NASL
    description These updated packages fix the following security issues : - the absence of a protection mechanism when attempting to access a critical section of code has been found in the Linux kernel open file descriptors control mechanism, fcntl. This could allow a local unprivileged user to simultaneously execute code, which would otherwise be protected against parallel execution. As well, a race condition when handling locks in the Linux kernel fcntl functionality, may have allowed a process belonging to a local unprivileged user to gain re-ordered access to the descriptor table. (CVE-2008-1669, Important) - on AMD64 architectures, the possibility of a kernel crash was discovered by testing the Linux kernel process-trace ability. This could allow a local unprivileged user to cause a denial of service (kernel crash). (CVE-2008-1615, Important) - the absence of a protection mechanism when attempting to access a critical section of code, as well as a race condition, have been found in the Linux kernel file system event notifier, dnotify. This could allow a local unprivileged user to get inconsistent data, or to send arbitrary signals to arbitrary system processes. (CVE-2008-1375, Important) - when accessing kernel memory locations, certain Linux kernel drivers registering a fault handler did not perform required range checks. A local unprivileged user could use this flaw to gain read or write access to arbitrary kernel memory, or possibly cause a kernel crash. (CVE-2008-0007, Important) - the possibility of a kernel crash was found in the Linux kernel IPsec protocol implementation, due to improper handling of fragmented ESP packets. When an attacker controlling an intermediate router fragmented these packets into very small pieces, it would cause a kernel crash on the receiving node during packet reassembly. (CVE-2007-6282, Important) - a flaw in the MOXA serial driver could allow a local unprivileged user to perform privileged operations, such as replacing firmware. (CVE-2005-0504, Important) As well, these updated packages fix the following bugs : - multiple buffer overflows in the neofb driver have been resolved. It was not possible for an unprivileged user to exploit these issues, and as such, they have not been handled as security issues. - a kernel panic, due to inconsistent detection of AGP aperture size, has been resolved. - a race condition in UNIX domain sockets may have caused 'recv()' to return zero. In clustered configurations, this may have caused unexpected failovers. - to prevent link storms, network link carrier events were delayed by up to one second, causing unnecessary packet loss. Now, link carrier events are scheduled immediately. - a client-side race on blocking locks caused large time delays on NFS file systems. - in certain situations, the libATA sata_nv driver may have sent commands with duplicate tags, which were rejected by SATA devices. This may have caused infinite reboots. - running the 'service network restart' command may have caused networking to fail. - a bug in NFS caused cached information about directories to be stored for too long, causing wrong attributes to be read. - on systems with a large highmem/lowmem ratio, NFS write performance may have been very slow when using small files. - a bug, which caused network hangs when the system clock was wrapped around zero, has been resolved.
    last seen 2019-02-21
    modified 2019-01-07
    plugin id 60394
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=60394
    title Scientific Linux Security Update : kernel on SL4.x i386/x86_64
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2008-0237.NASL
    description Updated kernel packages that fix various security issues and several bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux operating system. These updated packages fix the following security issues : * the absence of a protection mechanism when attempting to access a critical section of code has been found in the Linux kernel open file descriptors control mechanism, fcntl. This could allow a local unprivileged user to simultaneously execute code, which would otherwise be protected against parallel execution. As well, a race condition when handling locks in the Linux kernel fcntl functionality, may have allowed a process belonging to a local unprivileged user to gain re-ordered access to the descriptor table. (CVE-2008-1669, Important) * on AMD64 architectures, the possibility of a kernel crash was discovered by testing the Linux kernel process-trace ability. This could allow a local unprivileged user to cause a denial of service (kernel crash). (CVE-2008-1615, Important) * the absence of a protection mechanism when attempting to access a critical section of code, as well as a race condition, have been found in the Linux kernel file system event notifier, dnotify. This could allow a local unprivileged user to get inconsistent data, or to send arbitrary signals to arbitrary system processes. (CVE-2008-1375, Important) Red Hat would like to thank Nick Piggin for responsibly disclosing the following issue : * when accessing kernel memory locations, certain Linux kernel drivers registering a fault handler did not perform required range checks. A local unprivileged user could use this flaw to gain read or write access to arbitrary kernel memory, or possibly cause a kernel crash. (CVE-2008-0007, Important) * the possibility of a kernel crash was found in the Linux kernel IPsec protocol implementation, due to improper handling of fragmented ESP packets. When an attacker controlling an intermediate router fragmented these packets into very small pieces, it would cause a kernel crash on the receiving node during packet reassembly. (CVE-2007-6282, Important) * a flaw in the MOXA serial driver could allow a local unprivileged user to perform privileged operations, such as replacing firmware. (CVE-2005-0504, Important) As well, these updated packages fix the following bugs : * multiple buffer overflows in the neofb driver have been resolved. It was not possible for an unprivileged user to exploit these issues, and as such, they have not been handled as security issues. * a kernel panic, due to inconsistent detection of AGP aperture size, has been resolved. * a race condition in UNIX domain sockets may have caused 'recv()' to return zero. In clustered configurations, this may have caused unexpected failovers. * to prevent link storms, network link carrier events were delayed by up to one second, causing unnecessary packet loss. Now, link carrier events are scheduled immediately. * a client-side race on blocking locks caused large time delays on NFS file systems. * in certain situations, the libATA sata_nv driver may have sent commands with duplicate tags, which were rejected by SATA devices. This may have caused infinite reboots. * running the 'service network restart' command may have caused networking to fail. * a bug in NFS caused cached information about directories to be stored for too long, causing wrong attributes to be read. * on systems with a large highmem/lowmem ratio, NFS write performance may have been very slow when using small files. * a bug, which caused network hangs when the system clock was wrapped around zero, has been resolved. Red Hat Enterprise Linux 4 users are advised to upgrade to these updated packages, which contain backported patches to resolve these issues.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 43682
    published 2010-01-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=43682
    title CentOS 4 : kernel (CESA-2008:0237)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2008-0237.NASL
    description From Red Hat Security Advisory 2008:0237 : Updated kernel packages that fix various security issues and several bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux operating system. These updated packages fix the following security issues : * the absence of a protection mechanism when attempting to access a critical section of code has been found in the Linux kernel open file descriptors control mechanism, fcntl. This could allow a local unprivileged user to simultaneously execute code, which would otherwise be protected against parallel execution. As well, a race condition when handling locks in the Linux kernel fcntl functionality, may have allowed a process belonging to a local unprivileged user to gain re-ordered access to the descriptor table. (CVE-2008-1669, Important) * on AMD64 architectures, the possibility of a kernel crash was discovered by testing the Linux kernel process-trace ability. This could allow a local unprivileged user to cause a denial of service (kernel crash). (CVE-2008-1615, Important) * the absence of a protection mechanism when attempting to access a critical section of code, as well as a race condition, have been found in the Linux kernel file system event notifier, dnotify. This could allow a local unprivileged user to get inconsistent data, or to send arbitrary signals to arbitrary system processes. (CVE-2008-1375, Important) Red Hat would like to thank Nick Piggin for responsibly disclosing the following issue : * when accessing kernel memory locations, certain Linux kernel drivers registering a fault handler did not perform required range checks. A local unprivileged user could use this flaw to gain read or write access to arbitrary kernel memory, or possibly cause a kernel crash. (CVE-2008-0007, Important) * the possibility of a kernel crash was found in the Linux kernel IPsec protocol implementation, due to improper handling of fragmented ESP packets. When an attacker controlling an intermediate router fragmented these packets into very small pieces, it would cause a kernel crash on the receiving node during packet reassembly. (CVE-2007-6282, Important) * a flaw in the MOXA serial driver could allow a local unprivileged user to perform privileged operations, such as replacing firmware. (CVE-2005-0504, Important) As well, these updated packages fix the following bugs : * multiple buffer overflows in the neofb driver have been resolved. It was not possible for an unprivileged user to exploit these issues, and as such, they have not been handled as security issues. * a kernel panic, due to inconsistent detection of AGP aperture size, has been resolved. * a race condition in UNIX domain sockets may have caused 'recv()' to return zero. In clustered configurations, this may have caused unexpected failovers. * to prevent link storms, network link carrier events were delayed by up to one second, causing unnecessary packet loss. Now, link carrier events are scheduled immediately. * a client-side race on blocking locks caused large time delays on NFS file systems. * in certain situations, the libATA sata_nv driver may have sent commands with duplicate tags, which were rejected by SATA devices. This may have caused infinite reboots. * running the 'service network restart' command may have caused networking to fail. * a bug in NFS caused cached information about directories to be stored for too long, causing wrong attributes to be read. * on systems with a large highmem/lowmem ratio, NFS write performance may have been very slow when using small files. * a bug, which caused network hangs when the system clock was wrapped around zero, has been resolved. Red Hat Enterprise Linux 4 users are advised to upgrade to these updated packages, which contain backported patches to resolve these issues.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 67685
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=67685
    title Oracle Linux 4 : kernel (ELSA-2008-0237)
oval via4
accepted 2013-04-29T04:20:17.741-04:00
class vulnerability
contributors
  • name Aharon Chernin
    organization SCAP.com, LLC
  • name Dragos Prisaca
    organization G2, Inc.
definition_extensions
  • comment The operating system installed on the system is Red Hat Enterprise Linux 4
    oval oval:org.mitre.oval:def:11831
  • comment CentOS Linux 4.x
    oval oval:org.mitre.oval:def:16636
  • comment Oracle Linux 4.x
    oval oval:org.mitre.oval:def:15990
  • comment The operating system installed on the system is Red Hat Enterprise Linux 5
    oval oval:org.mitre.oval:def:11414
  • comment The operating system installed on the system is CentOS Linux 5.x
    oval oval:org.mitre.oval:def:15802
  • comment Oracle Linux 5.x
    oval oval:org.mitre.oval:def:15459
description Linux kernel 2.6.18, and possibly other versions, when running on AMD64 architectures, allows local users to cause a denial of service (crash) via certain ptrace calls.
family unix
id oval:org.mitre.oval:def:9563
status accepted
submitted 2010-07-09T03:56:16-04:00
title Linux kernel 2.6.18, and possibly other versions, when running on AMD64 architectures, allows local users to cause a denial of service (crash) via certain ptrace calls.
version 24
redhat via4
advisories
  • bugzilla
    id 445360
    title RHEL5.1 kernel not reclaiming NFS locks when server reboots
    oval
    AND
    • comment Red Hat Enterprise Linux 5 is installed
      oval oval:com.redhat.rhsa:tst:20070055001
    • OR
      • AND
        • comment kernel is earlier than 0:2.6.18-53.1.21.el5
          oval oval:com.redhat.rhsa:tst:20080275002
        • comment kernel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070099003
      • AND
        • comment kernel-PAE is earlier than 0:2.6.18-53.1.21.el5
          oval oval:com.redhat.rhsa:tst:20080275022
        • comment kernel-PAE is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070099019
      • AND
        • comment kernel-PAE-devel is earlier than 0:2.6.18-53.1.21.el5
          oval oval:com.redhat.rhsa:tst:20080275020
        • comment kernel-PAE-devel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070099017
      • AND
        • comment kernel-debug is earlier than 0:2.6.18-53.1.21.el5
          oval oval:com.redhat.rhsa:tst:20080275008
        • comment kernel-debug is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070993007
      • AND
        • comment kernel-debug-devel is earlier than 0:2.6.18-53.1.21.el5
          oval oval:com.redhat.rhsa:tst:20080275014
        • comment kernel-debug-devel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070993013
      • AND
        • comment kernel-devel is earlier than 0:2.6.18-53.1.21.el5
          oval oval:com.redhat.rhsa:tst:20080275012
        • comment kernel-devel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070099011
      • AND
        • comment kernel-doc is earlier than 0:2.6.18-53.1.21.el5
          oval oval:com.redhat.rhsa:tst:20080275024
        • comment kernel-doc is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070099021
      • AND
        • comment kernel-headers is earlier than 0:2.6.18-53.1.21.el5
          oval oval:com.redhat.rhsa:tst:20080275004
        • comment kernel-headers is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070099005
      • AND
        • comment kernel-kdump is earlier than 0:2.6.18-53.1.21.el5
          oval oval:com.redhat.rhsa:tst:20080275016
        • comment kernel-kdump is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070099015
      • AND
        • comment kernel-kdump-devel is earlier than 0:2.6.18-53.1.21.el5
          oval oval:com.redhat.rhsa:tst:20080275018
        • comment kernel-kdump-devel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070099013
      • AND
        • comment kernel-xen is earlier than 0:2.6.18-53.1.21.el5
          oval oval:com.redhat.rhsa:tst:20080275010
        • comment kernel-xen is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070099007
      • AND
        • comment kernel-xen-devel is earlier than 0:2.6.18-53.1.21.el5
          oval oval:com.redhat.rhsa:tst:20080275006
        • comment kernel-xen-devel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070099009
    rhsa
    id RHSA-2008:0275
    released 2008-05-20
    severity Important
    title RHSA-2008:0275: kernel security and bug fix update (Important)
  • rhsa
    id RHSA-2008:0237
  • rhsa
    id RHSA-2008:0585
rpms
  • kernel-0:2.6.9-67.0.15.EL
  • kernel-devel-0:2.6.9-67.0.15.EL
  • kernel-doc-0:2.6.9-67.0.15.EL
  • kernel-hugemem-0:2.6.9-67.0.15.EL
  • kernel-hugemem-devel-0:2.6.9-67.0.15.EL
  • kernel-largesmp-0:2.6.9-67.0.15.EL
  • kernel-largesmp-devel-0:2.6.9-67.0.15.EL
  • kernel-smp-0:2.6.9-67.0.15.EL
  • kernel-smp-devel-0:2.6.9-67.0.15.EL
  • kernel-xenU-0:2.6.9-67.0.15.EL
  • kernel-xenU-devel-0:2.6.9-67.0.15.EL
  • kernel-0:2.6.18-53.1.21.el5
  • kernel-PAE-0:2.6.18-53.1.21.el5
  • kernel-PAE-devel-0:2.6.18-53.1.21.el5
  • kernel-debug-0:2.6.18-53.1.21.el5
  • kernel-debug-devel-0:2.6.18-53.1.21.el5
  • kernel-devel-0:2.6.18-53.1.21.el5
  • kernel-doc-0:2.6.18-53.1.21.el5
  • kernel-headers-0:2.6.18-53.1.21.el5
  • kernel-kdump-0:2.6.18-53.1.21.el5
  • kernel-kdump-devel-0:2.6.18-53.1.21.el5
  • kernel-xen-0:2.6.18-53.1.21.el5
  • kernel-xen-devel-0:2.6.18-53.1.21.el5
refmap via4
bid 29086
debian DSA-1588
fedora FEDORA-2008-4043
mandriva
  • MDVSA-2008:167
  • MDVSA-2008:174
misc https://bugzilla.redhat.com/show_bug.cgi?id=431430
sectrack 1020047
secunia
  • 30112
  • 30252
  • 30294
  • 30368
  • 30818
  • 30890
  • 30962
  • 30982
  • 31107
  • 31628
suse
  • SUSE-SA:2008:030
  • SUSE-SA:2008:031
  • SUSE-SA:2008:032
  • SUSE-SA:2008:035
  • SUSE-SA:2008:038
ubuntu USN-625-1
xf linux-kernel-processtrace-dos(42278)
Last major update 26-11-2012 - 22:44
Published 07-05-2008 - 20:20
Last modified 28-09-2017 - 21:30
Back to Top